An empirical study of privacy-violating information flows in JavaScript web applications
Proceedings of the 17th ACM conference on Computer and communications security
Visual security policy for the web
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
VEX: vetting browser extensions for security vulnerabilities
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Securing script-based extensibility in web browsers
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Vetting browser extensions for security vulnerabilities with VEX
Communications of the ACM
ADsafety: type-based verification of JavaScript Sandboxing
SEC'11 Proceedings of the 20th USENIX conference on Security
ZDVUE: prioritization of javascript attacks to discover new vulnerabilities
Proceedings of the 4th ACM workshop on Security and artificial intelligence
Information flow analysis for javascript
Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients
Multiple facets for dynamic information flow
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Towards fine-grained access control on browser extensions
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
Tracking the trackers: fast and scalable dynamic analysis of web content for privacy violations
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Privilege separation in HTML5 applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
On-the-Fly inlining of dynamic dependency monitors for secure information flow
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
An analysis of the mozilla jetpack extension framework
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
Detecting and analyzing insecure component usage
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
An empirical study of dangerous behaviors in firefox extensions
ISC'12 Proceedings of the 15th international conference on Information Security
Memoirs of a browser: a cross-browser detection model for privacy-breaching extensions
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Securing legacy firefox extensions with SENTINEL
DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Security Signature Inference for JavaScript-based Browser Addons
Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
Information flow tracking meets just-in-time compilation
ACM Transactions on Architecture and Code Optimization (TACO)
| Hi-index | 0.02 |
JavaScript-based browser extensions (JSEs) enhance the core functionality of web browsers by improving their look and feel, and are widely available for commodity browsers. To enable a rich set of functionalities, browsers typically execute JSEs with elevated privileges. For example, unlike JavaScript code in a web application, code in a JSE is not constrained by the same-origin policy. Malicious JSEs can misuse these privileges to compromise confidentiality and integrity, e.g., by stealing sensitive information, such as cookies and saved passwords, or executing arbitrary code on the host system. Even if a JSE is not overtly malicious, vulnerabilities in the JSE and the browser may allow a remote attacker to compromise browser security. We present Sabre (Security Architecture for Browser Extensions), a system that uses in-browser information-flow tracking to analyze JSEs. Sabre associates a label with each in-memory JavaScript object in the browser, which determines whether the object contains sensitive information. Sabre propagates labels as objects are modified by the JSE and passed between browser subsystems. Sabre raises an alert if an object containing sensitive information is accessed in an unsafe way, e.g., if a JSE attempts to send the object over the network or write it to a file. We implemented Sabre by modifying the Firefox browser and evaluated it using both malicious JSEs as well as benign ones that contained exploitable vulnerabilities. Our experiments show that Sabre can precisely identify potential information flow violations by JSEs.